﻿ 
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security;
using System.Web;
using System.Web.Mvc;

namespace WorkBasket.Infrastructure
{
    public class MyAuthAttribute : AuthorizeAttribute
    {
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
 
          
  
            if (!httpContext.User.Identity.IsAuthenticated)
            {
                httpContext.Response.Redirect("/");
                return false;
            }
            if(!WBSecurity.UserHasRightsToObject(httpContext,""))
            {
                httpContext.Response.Status = "401";
                return false;
            }
            return true;

 
        }
    }
}